Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-09-08T04:00:00
Updated: 2018-10-19T14:57:01
Reserved: 2005-09-08T00:00:00
Link: CVE-2005-2856
JSON object: View
NVD Information
Status : Modified
Published: 2005-09-08T10:03:00.000
Modified: 2018-10-19T15:33:53.357
Link: CVE-2005-2856
JSON object: View
Redhat Information
No data.
CWE